author: Mark Pulford <markp@FreeBSD.org> 2003-02-17 09:19:01 +0000
committer: Mark Pulford <markp@FreeBSD.org> 2003-02-17 09:19:01 +0000
commit: db1157510b1f01752b231f3d7b8aef5d6ed18632 (patch)
tree: 5b5c7300221270520d00109a1443511e45cf3645 /security/mac-robber/pkg-descr
parent: 6f6780ceb99870c18c02d2a8368474664cc91cad (diff)
download: ports-db1157510b1f01752b231f3d7b8aef5d6ed18632.tar.gz
ports-db1157510b1f01752b231f3d7b8aef5d6ed18632.zip
1 files changed, 11 insertions, 0 deletions
diff --git a/security/mac-robber/pkg-descr b/security/mac-robber/pkg-descr
new file mode 100644
index 000000000000..1611afb1c094
--- /dev/null
+++ b/security/mac-robber/pkg-descr
@@ -0,0 +1,11 @@
+mac-robber is a Forensics & Incident Response tool used to collect
+the Modified, Access, and Change (MAC) times from allocated files.
+It recursively reads MAC times of files and directories and prints
+them in 'time machine' format to STDOUT.  This format is the same
+that the mactime tool from The Coroners Toolkit (TCT) reads.
+
+mac-robber is based on the grave-robber tool from The Coroners
+Toolkit (TCT) when using the '-m' flag, except it does not require
+Perl!
+
+WWW: http://www.atstake.com/research/tools/forensic/
author	Mark Pulford <markp@FreeBSD.org>	2003-02-17 09:19:01 +0000
committer	Mark Pulford <markp@FreeBSD.org>	2003-02-17 09:19:01 +0000
commit	db1157510b1f01752b231f3d7b8aef5d6ed18632 (patch)
tree	5b5c7300221270520d00109a1443511e45cf3645 /security/mac-robber/pkg-descr
parent	6f6780ceb99870c18c02d2a8368474664cc91cad (diff)
download	ports-db1157510b1f01752b231f3d7b8aef5d6ed18632.tar.gz ports-db1157510b1f01752b231f3d7b8aef5d6ed18632.zip